package cn.kgc.shiro02.shiro;

import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;

/**
 * @Author: 课工场
 * @Version: v1.0  2023/4/1
 * @Description: shiro的配置类   xml
 */
@Configuration
public class ShiroConfig {
    //  shiro中的过滤器 交给spring容器管理
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        //配置拦截的规则
        LinkedHashMap<String, String> map = new LinkedHashMap<>();
        //放行登录请求  anon  可匿名访问
        map.put("/user/login", "anon");
        // 放行静态资源
        map.put("/dist/**", "anon");
        // 放行验证码请求
        map.put("/captcha/getCaptcha", "anon");
        // 所有的请求 均需要经过认证
        //map.put("/**", "authc");
        //已登录或“记住我”的用户才能访问
        map.put("/**", "user");
        // 设置默认的登录页
        shiroFilterFactoryBean.setLoginUrl("/login.html");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        return shiroFilterFactoryBean;
    }

    // 将安全管理器交由spring管理
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(Realm realm) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();

        // 设置一周免登录
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        SimpleCookie rmbme = new SimpleCookie("rmbme");
        rmbme.setMaxAge(60*60*24*7);
        cookieRememberMeManager.setCookie(rmbme);
        defaultWebSecurityManager.setRememberMeManager(cookieRememberMeManager);

        defaultWebSecurityManager.setRealm(realm);
        return defaultWebSecurityManager;
    }

    // 将自定义域对象 交给spring管理
    @Bean
    public Realm realm() {
        CustomerRealm customerRealm = new CustomerRealm();

        //设置凭证匹配器  MD5
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher("MD5");
        hashedCredentialsMatcher.setHashIterations(20);
        customerRealm.setCredentialsMatcher(hashedCredentialsMatcher);

        // 开启shiro的缓存  开启全局缓存
        customerRealm.setCachingEnabled(true);
        // 设置shiro的缓存机制  EhCacheManager  内存 本地缓存
        //customerRealm.setCacheManager(new EhCacheManager());
        //将认证和授权缓存写入redis   分布式缓存
        customerRealm.setCacheManager(new RedisCacheManager());
        // 设置认证缓存
        customerRealm.setAuthenticationCachingEnabled(true);
        customerRealm.setAuthenticationCacheName("authentication");

        // 设置授权缓存
        customerRealm.setAuthorizationCachingEnabled(true);
        customerRealm.setAuthorizationCacheName("authorization");

        return customerRealm;
    }
}
